{"report_id":"d54ae371-0c91-4462-a44e-ef5cfc6648d1","version":6,"status":"done","tags":[],"date":"2026-04-15T07:47:22Z","url":{"schema":"http","addr":"withdraw-crypto.com","fqdn":"withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"172.67.135.147","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.withdraw-crypto.com/","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"title":"Enter Case ID","dom":{"size":11601,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (972)","md5":"f466c4658df1f4947368011dde8f0298","sha1":"55647aa8a1a75dd753a84d70646e9badb3d724dd","sha256":"7a13590292447fd3785913dfc77e0503e150f0843ce92c1989a01c4823680e3c","sha512":"19a6db75232d898ae371a6969c61963d0f225402baa73c8adf801bf7bebca4ee253f5826b89eaacb9d2e15c8d7df87e4b7d93002338deffecb497988ac6b8cfe","ssdeep":"192:YtPgXvBPnKJUqR3WeSmyJtjzB+DtIQ1SEWA4G:Mw+z1WA4G","tlshash":"e232b6ea26b3802571539978effb9a492a19e063c509c9683f9c4748cf87ed0dd53b4c","dom_hash":"domhash70915cbad465c9cc47b3aa02808bb803","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"withdraw-crypto.com","fqdn":"withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"172.67.135.147","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-20T07:47:22Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"www.withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.withdraw-crypto.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-13","domain_rank":0,"first_seen":"2026-04-15T07:47:23.318954Z","last_seen":"2026-04-15T07:47:23.318954Z","alert_count":8,"request_count":8,"received_data":331825,"sent_data":3576,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-12T22:16:45.621325Z","alert_count":0,"request_count":2,"received_data":98734,"sent_data":1126,"comment":"","tags":null,"fingerprints":null},{"fqdn":"withdraw-crypto.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":12638,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-12T22:20:19.752051Z","alert_count":0,"request_count":1,"received_data":10794,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.withdraw-crypto.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-30T12:36:08.663651Z","times_seen":318771,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.withdraw-crypto.com/","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"22fb4550a1cf23dfeb7d27d4af6f4f6f","sha1":"e550270141009a0f180e58ab7a24267aa7779d98","sha256":"d922783094657d407415e3d04ad6b67f97e49a0880b5fcc075097c92615761e7","sha512":"0accc89fb038b25896b0258e26b591d016ec5a858fdb8cb808dc430fd31f5be889c94369598999496d3b6fa5a4c2f509f09024b813ba237a6519699e6bb4269c","ssdeep":"","tlshash":"00a002243583ed7d85d6055551a281d86451552313468140713d44584f552461f5b757","size":86,"data":"","first_seen":"2026-02-23T15:39:29.427915Z","last_seen":"2026-04-15T08:01:20.563562Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.withdraw-crypto.com/socket.io/socket.io.js","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec127053f9c5cbfeeefd263b4b23bc0a","sha1":"11c08d7468ffe8980b0f862280c0c371776938a8","sha256":"bc425714aa8f2547d6939e3721ebafd3830a7562a1f6cb08acc1e794bd707954","sha512":"81ec905226bb2b6632f968b204f873331a4a75f24c0f27d50bb5ea930bec797a7c201eed1eaf1a9ef06cbbe923a722bb54fdcbf2be7147eea00d77a80565a39e","ssdeep":"3072:zLTygH4CO2KsFpWw0axS8RZIXyR7dSGg18FEEaLH32emV/Tfkmh0KbhEGtkSWq:zLTy7X1sFpWw0aTRrgaEEaLH32emV/D5","tlshash":"6ce35f49aaf72051917330398bafa045f239d01b620acd443d1cd7f49f65b3897aafe9","size":155836,"data":"","first_seen":"2026-01-01T23:52:44.961231Z","last_seen":"2026-04-28T18:55:44.358175Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.withdraw-crypto.com/panel/panel-client.js?v=10","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9fa2625a4e120b21cc8a554d6cd4938","sha1":"5479938979c911f4d499c59747ad2e31682d6bcd","sha256":"d7416352e423cc3cb6d96007cb49e7266cbb7ee401458dcdfe179d3cb3b0410c","sha512":"7787175f44b69dc052dfb3d6cadeb6ab7fadceff88bc038008b2d64d0e1d1eedacdf0a64171fb06604f918cdce8b5b8315cca4b28dd00edd65d130e73c689472","ssdeep":"384:ynrDkaczxExj/nxDJIMHGd/TMAwE++LwHH:+rDkNGnxHmd/THwqkHH","tlshash":"52d22e3962b310a4b273e17d6b9ba109222374037a45da543e9c73445fcca94a3f6ff9","size":28678,"data":"","first_seen":"2026-04-15T07:47:28.126597Z","last_seen":"2026-04-15T08:01:20.560341Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.withdraw-crypto.com/socket.io/socket.io.js","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.withdraw-crypto.com/","date":"2026-04-15T07:47:01.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"withdraw-crypto.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 19:30:51 GMT","end":"Sun, 12 Jul 2026 19:30:50 GMT"},"fingerprint":{"sha1":"A2:76:78:3E:F8:42:0F:D8:FE:3E:C1:03:51:11:53:2C:6A:3C:AE:19","sha256":"EE:19:0A:28:75:6D:CA:BD:63:4D:01:89:82:3B:92:8D:C2:2B:B1:31:4C:75:0A:FA:3F:41:02:C1:DD:24:6B:F0"}}},"request":{"raw":"GET /socket.io/socket.io.js HTTP/1.1\r\nHost: www.withdraw-crypto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Apr 2026 07:47:02 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=14400\r\netag: \"4.8.3\"\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YI7pRdmPwPT6gFohfoC28C6dawobl0YAb90FgvP0ncAl%2FT4Tvhajp0V41qb0alLOUzZJbBE%2FCc6zKMDWih9hYP%2FyZYlJEgWvzC9TRteTjxMy8xlAhLu0HrOGdIQsHRZU4gn4AHGAyXFBmw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ec956fd6de25a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":155836,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"ec127053f9c5cbfeeefd263b4b23bc0a","sha1":"11c08d7468ffe8980b0f862280c0c371776938a8","sha256":"bc425714aa8f2547d6939e3721ebafd3830a7562a1f6cb08acc1e794bd707954","sha512":"81ec905226bb2b6632f968b204f873331a4a75f24c0f27d50bb5ea930bec797a7c201eed1eaf1a9ef06cbbe923a722bb54fdcbf2be7147eea00d77a80565a39e","ssdeep":"3072:zLTygH4CO2KsFpWw0axS8RZIXyR7dSGg18FEEaLH32emV/Tfkmh0KbhEGtkSWq:zLTy7X1sFpWw0aTRrgaEEaLH32emV/D5","tlshash":"6ce35f49aaf72051917330398bafa045f239d01b620acd443d1cd7f49f65b3897aafe9","first_seen":"2026-01-01T23:52:44.961231Z","last_seen":"2026-04-28T18:55:44.358175Z","times_seen":80,"resource_available":true,"data":null}},"time_used":836,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":697,"receive":139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"www.withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.withdraw-crypto.com/","date":"2026-04-15T07:47:01.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.withdraw-crypto.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 08:25:52 GMT\r\nexpires: Fri, 09 Apr 2027 08:25:52 GMT\r\ncache-control: public, max-age=31536000\r\nage: 516069\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-30T12:35:36.972392Z","times_seen":160460,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":111,"dns":1,"connect":21,"send":0,"wait":10,"receive":28,"ssl":86},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"www.withdraw-crypto.com/socket.io/?EIO=4\u0026transport=websocket","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://www.withdraw-crypto.com/","date":"2026-04-15T07:47:02.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"withdraw-crypto.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 19:30:51 GMT","end":"Sun, 12 Jul 2026 19:30:50 GMT"},"fingerprint":{"sha1":"A2:76:78:3E:F8:42:0F:D8:FE:3E:C1:03:51:11:53:2C:6A:3C:AE:19","sha256":"EE:19:0A:28:75:6D:CA:BD:63:4D:01:89:82:3B:92:8D:C2:2B:B1:31:4C:75:0A:FA:3F:41:02:C1:DD:24:6B:F0"}}},"request":{"raw":"GET /socket.io/?EIO=4\u0026transport=websocket HTTP/1.1\r\nHost: www.withdraw-crypto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://www.withdraw-crypto.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: OAtGs/Ta3O3HE0a4nu2KXg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Wed, 15 Apr 2026 07:47:02 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: s7R4YA47J82UxG2IyHa51UN2peE=\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=94ePNOzLPWiWTCcNc4iB5KXr%2FkNUI3ghZWfr6CMe%2Bn%2FIfH9l6HEGlX9KAMK5MGweYDd2C2b4MR4c%2B8nNuW13ucRw4fuSHSC9xzf%2BjtCcW53FG0tretDnEDmEHxjgJscoHDHuoQUTCSHJog%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9ec957031fe5b51e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=522\u0026min_rtt=488\u0026rtt_var=197\u0026sent=4\u0026recv=7\u0026lost=0\u0026retrans=0\u0026sent_bytes=2368\u0026recv_bytes=1210\u0026delivery_rate=4546310\u0026cwnd=52\u0026unsent_bytes=0\u0026cid=f046c8105f9cb39d\u0026ts=536\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T12:35:13.103436Z","times_seen":14422255,"resource_available":true,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":15,"connect":15,"send":0,"wait":522,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"www.withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.withdraw-crypto.com/css/common.css","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.withdraw-crypto.com/","date":"2026-04-15T07:47:01.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"withdraw-crypto.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 19:30:51 GMT","end":"Sun, 12 Jul 2026 19:30:50 GMT"},"fingerprint":{"sha1":"A2:76:78:3E:F8:42:0F:D8:FE:3E:C1:03:51:11:53:2C:6A:3C:AE:19","sha256":"EE:19:0A:28:75:6D:CA:BD:63:4D:01:89:82:3B:92:8D:C2:2B:B1:31:4C:75:0A:FA:3F:41:02:C1:DD:24:6B:F0"}}},"request":{"raw":"GET /css/common.css HTTP/1.1\r\nHost: www.withdraw-crypto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Apr 2026 07:47:01 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=14400\r\nlast-modified: Mon, 13 Apr 2026 22:45:26 GMT\r\netag: W/\"1508-19d89056770\"\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C1Dvr8IffGHDsMhi92p12y8EWymQPEvu%2B2RqTJGXxprh%2B3pdqBlt0YgFpusyu%2BjJ6q7PEvbPF1Snnyx9ZEh9x7kxXbVP3cscp2D520eZXKBvJLvy7pStANKd12aPMvR%2FRSzoAvAngJTRWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ec956fd5dd05a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5384,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"assembler source, ASCII text","md5":"675ab500a695dde68cfb120c0feee2a5","sha1":"68f3669081163736374cb9fd402b37310ac96305","sha256":"d78e8c0a62d132a372dc0b694b39cf3121406eb6cdb13f3c62de59657d22e720","sha512":"0d1fd9b84f55fe670848815e72d7276500b354217cd1c3b113c6bcddbe9b738e6f48031526e7a21781f77841b65cd99064a7c92459bbfb785c4eca90700a542b","ssdeep":"96:HV0MtDJHgTBTQR7k6afmS0TR+dJtQWVWvLFQNqDHqLlUqH:HVxlJHgT9Eg6vpR+dvQWVWzWYHqJUqH","tlshash":"29b15197a7b34456791b5c697bff9785232c9043800add397fcc225c8f8a2f9a491b8c","first_seen":"2026-04-15T07:47:28.123575Z","last_seen":"2026-04-15T08:01:20.558925Z","times_seen":2,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"www.withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.withdraw-crypto.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.withdraw-crypto.com/","date":"2026-04-15T07:47:01.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"withdraw-crypto.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 19:30:51 GMT","end":"Sun, 12 Jul 2026 19:30:50 GMT"},"fingerprint":{"sha1":"A2:76:78:3E:F8:42:0F:D8:FE:3E:C1:03:51:11:53:2C:6A:3C:AE:19","sha256":"EE:19:0A:28:75:6D:CA:BD:63:4D:01:89:82:3B:92:8D:C2:2B:B1:31:4C:75:0A:FA:3F:41:02:C1:DD:24:6B:F0"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: www.withdraw-crypto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Apr 2026 07:47:01 GMT\r\ncontent-type: application/javascript\r\nexpires: Wed, 15 Apr 2026 08:35:01 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XZ%2BDsWCFKRHmzEchYZu%2BqdlJHGC6s6DmfuGNevdAgKAZazogf86kK9LC3AobcEvOI1MGT%2F9dvBt6aaPogFGQcJAnl4O7276npRNJ06gxPXzGuOLQJcs19UifMN9TL7MPbsvW7tip9Ir%2BvQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9ec956fd5dd55a0f-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-30T12:36:08.663651Z","times_seen":318771,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"www.withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.withdraw-crypto.com/panel/panel-client.js?v=10","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.withdraw-crypto.com/","date":"2026-04-15T07:47:01.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"withdraw-crypto.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 19:30:51 GMT","end":"Sun, 12 Jul 2026 19:30:50 GMT"},"fingerprint":{"sha1":"A2:76:78:3E:F8:42:0F:D8:FE:3E:C1:03:51:11:53:2C:6A:3C:AE:19","sha256":"EE:19:0A:28:75:6D:CA:BD:63:4D:01:89:82:3B:92:8D:C2:2B:B1:31:4C:75:0A:FA:3F:41:02:C1:DD:24:6B:F0"}}},"request":{"raw":"GET /panel/panel-client.js?v=10 HTTP/1.1\r\nHost: www.withdraw-crypto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Apr 2026 07:47:01 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=14400\r\nlast-modified: Mon, 13 Apr 2026 22:06:00 GMT\r\netag: W/\"7022-19d88e14d40\"\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OGEubPRIV0f87IgAPuzgwSjIu8m6mHQOWS%2BXHf5SZwAiKPu%2F%2FPLhRXlqAkxToNc37IjYBj9c1BfRKm8eYtGNq1UcLPybEfeE9VsE3dIeNy2Ew9q4FFuuL7w5d8ZcRqUe%2BdDX5aktPMifKg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ec956fd6ded5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28706,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"c9fa2625a4e120b21cc8a554d6cd4938","sha1":"5479938979c911f4d499c59747ad2e31682d6bcd","sha256":"d7416352e423cc3cb6d96007cb49e7266cbb7ee401458dcdfe179d3cb3b0410c","sha512":"7787175f44b69dc052dfb3d6cadeb6ab7fadceff88bc038008b2d64d0e1d1eedacdf0a64171fb06604f918cdce8b5b8315cca4b28dd00edd65d130e73c689472","ssdeep":"384:ynrDkaczxExj/nxDJIMHGd/TMAwE++LwHH:+rDkNGnxHmd/THwqkHH","tlshash":"52d22e3962b310a4b273e17d6b9ba109222374037a45da543e9c73445fcca94a3f6ff9","first_seen":"2026-04-15T07:47:28.126597Z","last_seen":"2026-04-15T08:01:20.560341Z","times_seen":2,"resource_available":true,"data":null}},"time_used":663,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":662,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"www.withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.withdraw-crypto.com/","date":"2026-04-15T07:47:01.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.withdraw-crypto.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 08:25:52 GMT\r\nexpires: Fri, 09 Apr 2027 08:25:52 GMT\r\ncache-control: public, max-age=31536000\r\nage: 516069\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-30T12:35:36.972392Z","times_seen":160460,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":73,"dns":3,"connect":9,"send":0,"wait":9,"receive":10,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.withdraw-crypto.com/images/bg-img.webp","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.withdraw-crypto.com/","date":"2026-04-15T07:47:01.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"withdraw-crypto.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 19:30:51 GMT","end":"Sun, 12 Jul 2026 19:30:50 GMT"},"fingerprint":{"sha1":"A2:76:78:3E:F8:42:0F:D8:FE:3E:C1:03:51:11:53:2C:6A:3C:AE:19","sha256":"EE:19:0A:28:75:6D:CA:BD:63:4D:01:89:82:3B:92:8D:C2:2B:B1:31:4C:75:0A:FA:3F:41:02:C1:DD:24:6B:F0"}}},"request":{"raw":"GET /images/bg-img.webp HTTP/1.1\r\nHost: www.withdraw-crypto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Apr 2026 07:47:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17800\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\naccept-ranges: bytes\r\ncache-control: public, max-age=14400\r\nlast-modified: Sat, 14 Feb 2026 22:59:55 GMT\r\netag: W/\"4588-19c5e61d1f8\"\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DJqMYrqdAXWSSfbbUKmz%2FA0YjcGd1UxfoE3D1cwP4vTgZ%2B%2B1GqL1JflLF60hCfayVfcFUXeLsQ5kvXjLbZT3aiJf2Yxnyu5031gW7V3ChLk5MzdAw3GixjpigD%2FkYYV0P1HW2%2B%2FJ3tCUbw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ec95700a9445a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17800,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 2764x1728, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8763cdea6f0f059063da7459fe02f47a","sha1":"c4f501fab470cbfd06a352d06a0cef6f85d40540","sha256":"2124683d9cff5825008366f154bac323f5661ea9c6fc049bc57ec29b73f4093d","sha512":"2b78fd243b52273b41e7bb497b67b55bbf53768879d6df033ab5fa741e77f0cd06fc4e55eb413584a0d418b8b9e10146c5df9ef7d914b351f6b93b36b11dc229","ssdeep":"384:szFLQ8SlTRPi/NxKXNkb34coQS/KSfy87/FjOd:z3lN8NxK2bIP1KSfygg","tlshash":"6d827c5e99a19d70dc536472f2ce2e00f5ce2268b5a62a94e7705230c75e8dedf0f60c","first_seen":"2025-11-23T15:54:59.879122Z","last_seen":"2026-04-15T08:01:20.560918Z","times_seen":4,"resource_available":false,"data":null}},"time_used":683,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":682,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"www.withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.withdraw-crypto.com/favicon.ico","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.withdraw-crypto.com/","date":"2026-04-15T07:47:02.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"withdraw-crypto.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 19:30:51 GMT","end":"Sun, 12 Jul 2026 19:30:50 GMT"},"fingerprint":{"sha1":"A2:76:78:3E:F8:42:0F:D8:FE:3E:C1:03:51:11:53:2C:6A:3C:AE:19","sha256":"EE:19:0A:28:75:6D:CA:BD:63:4D:01:89:82:3B:92:8D:C2:2B:B1:31:4C:75:0A:FA:3F:41:02:C1:DD:24:6B:F0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.withdraw-crypto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Apr 2026 07:47:03 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=14400\r\nlast-modified: Sun, 22 Feb 2026 16:29:45 GMT\r\netag: W/\"191a9-19c862f7ca8\"\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LXcSP%2BVHAawG3v8ZowUKKJiW05Qh1%2BVb3FAu6D%2FQLXIs7YJqq2hrVw51nv43LC3ZoKlkeI2kd6ieHvvoBqJYzs3bOdlpGlyLtGdEECIMGuDhZPG5iSWsXj2cmsqLL5Q8kPh%2F78YO0BLZZA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ec9570389755a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102825,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel","md5":"be6323fad688084a4da311abb1d0eda3","sha1":"ad8ea2ac03d8a6e4662683f9c05a228fd23223df","sha256":"d88ab80a018afdd384bda19e2dd8823628c2f84eee26f33b51c9938c0d086614","sha512":"081d26b16dc7872208b7cbee6794091eaaa0197c749de953eeb94de5ebb432c082bd1ff4829498890def85207086a5980f18194f68c286e6d0ca5822fce370a3","ssdeep":"3072:CVVVVVVVVVVVVVVHVVVVVVVVVVVVVVHVVVVVVVVVVVVVVHVVVVVVVVVVVVVVEVVe:c1","tlshash":"56a323113e2c922feac314359ac527740760eeb00dc766c665643d6df1feead898b60e","first_seen":"2025-01-06T05:04:50.632563Z","last_seen":"2026-04-15T08:01:20.561373Z","times_seen":52,"resource_available":false,"data":null}},"time_used":999,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":681,"receive":318,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"www.withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"withdraw-crypto.com/","fqdn":"withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-15T07:47:00.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"withdraw-crypto.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 19:30:51 GMT","end":"Sun, 12 Jul 2026 19:30:50 GMT"},"fingerprint":{"sha1":"A2:76:78:3E:F8:42:0F:D8:FE:3E:C1:03:51:11:53:2C:6A:3C:AE:19","sha256":"EE:19:0A:28:75:6D:CA:BD:63:4D:01:89:82:3B:92:8D:C2:2B:B1:31:4C:75:0A:FA:3F:41:02:C1:DD:24:6B:F0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: withdraw-crypto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Wed, 15 Apr 2026 07:47:00 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://www.withdraw-crypto.com/\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: Express\r\nvary: Accept\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JiPaPeWnXsSJfMYaa7YNDpGVDPuINRhmVfa76nzX8tY%2B53EjoK7Jxd28Q15xDf4tuM7JGhTWcDU7%2BpPZfg9nQNAEL6Ui99sJa6V5KsRg7d%2FZrScSN%2FHpcUFBozUpF02wPijiBzzQ\"}]}\r\ncf-ray: 9ec956f58d9156ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":11995,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T12:35:13.103436Z","times_seen":14422255,"resource_available":true,"data":null}},"time_used":626,"timings":{"blocked":40,"dns":20,"connect":1,"send":0,"wait":546,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.withdraw-crypto.com/","fqdn":"www.withdraw-crypto.com","domain":"withdraw-crypto.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-15T07:47:00.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"withdraw-crypto.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 13 Apr 2026 19:30:51 GMT","end":"Sun, 12 Jul 2026 19:30:50 GMT"},"fingerprint":{"sha1":"A2:76:78:3E:F8:42:0F:D8:FE:3E:C1:03:51:11:53:2C:6A:3C:AE:19","sha256":"EE:19:0A:28:75:6D:CA:BD:63:4D:01:89:82:3B:92:8D:C2:2B:B1:31:4C:75:0A:FA:3F:41:02:C1:DD:24:6B:F0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.withdraw-crypto.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Apr 2026 07:47:01 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\npriority: u=1,i=?0\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncache-control: public, max-age=0\r\nlast-modified: Wed, 11 Mar 2026 18:58:54 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SMBxTLj2%2FyL%2BI3wsCMIGMgTLSmCTVvMTJEzV8f0BC0HCwy8PcKXuIvzf74Ak7dMiKFyi2VJX4feJYk5OnIsJM9C2qrFCy6nMu1jGE2R4HSxj0oIQpUN91%2Bz12Tp9QRm5BjGt30gA3s9oUg%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9ec956f928a35a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Socket.io","description":"","website":"https://socket.io","common_platform_enumeration":"","icon":"Socket.io.svg","categories":["JavaScript frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11995,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (970)","md5":"1755794bbdf2f0cca73019128936cde2","sha1":"1501f0cd669cda362fb0e2e82471d543ff0062be","sha256":"fc0e154b1b6882b5921cec662ee2d61515623e9609e9f2adac139493b8f179c5","sha512":"29391627434c268f02cadb6f3c3431ec74c0c559c366783fc7c133b3c9f51ab3ded7df64788e297ebaffdef6d7c881af33c5ab0205bc246078ec934d23ae4d46","ssdeep":"192:WtPgXvBPnKJUqR3WeSmyJKj1B+DNIQPS8gzLA4i0M:29+TfgzLA4i0M","tlshash":"1632a6ea2ab3802570539968fffb9a492a59e163c509c9643f9c4748cf87ed0dd43b4c","first_seen":"2026-04-15T07:47:28.132005Z","last_seen":"2026-04-15T07:47:28.132005Z","times_seen":1,"resource_available":true,"data":null}},"time_used":543,"timings":{"blocked":27,"dns":0,"connect":0,"send":0,"wait":516,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"www.withdraw-crypto.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.withdraw-crypto.com/","date":"2026-04-15T07:47:01.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:38 GMT","end":"Mon, 15 Jun 2026 08:38:37 GMT"},"fingerprint":{"sha1":"C3:E4:BE:7B:38:DD:F1:59:DC:DF:FA:8A:48:52:C7:1D:D2:BF:F7:5E","sha256":"31:F4:52:B9:AA:C3:06:E9:A3:71:DA:02:A5:63:C9:78:CC:3A:04:07:E1:B4:42:F5:DC:BF:40:0F:BE:3E:6F:9E"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 15 Apr 2026 07:47:01 GMT\r\ndate: Wed, 15 Apr 2026 07:47:01 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-04-30T12:37:18.804732Z","times_seen":23537,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":86,"dns":1,"connect":9,"send":0,"wait":19,"receive":0,"ssl":80},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}